Wednesday, February 4, 2015

Configuring an Azure SSO portal

In a previous blog post I show how to enable your Office 365 Azure AD. Once you have access to Azure AD you have access to the free version of Azure AD. Amongst other things this allows you to manage user accounts, synchronise with on premises directories and get single sign (SSO) on across Azure, Office 365 and thousands of web based applications.

To set up this SSO portal you will need to login to your Azure AD as an Office 365 global administrator.

Select Active Directory from the menu on the left and the name of your Active Directory. That should display a screen like that shown above. From the menu across the top select the Applications option.

This will list any pre-configured web apps. If this is the first time here you will probably see that both Office 365 Exchange Online and SharePoint Online have been configured for you.

To add a new application to the SSO portal select the Add button at the bottom of the page.

Next, select the option to Add an application from the gallery.

You should see that there over 2,400 apps currently that you can select from. The easiest way to locate app you want to integrate into your SSO portal is by using the search features in the top right.

Here, I’m going to integrate Evernote, so I simply select the icon in the middle of the page once I have located it in the list.

Different applications have different configuration requirements but in this case with Evernote all I need to now do is assign which users need to access it. I do this by selecting the button Assign users.

This should now take you to a list of users (here, my Office 365 users).

Firstly, select the user you wish to assign the app to and then press the Assign button at the bottom of the page.

This will now prompt you to enter the app login credentials you wish to have for the user. Enter these and select the check icon in the lower right corner.

You should now see that user has a Direct assignment for that app as shown above.

and because we can connected our Office 365 directory to this SSO they can login using their usual Office 365 credentials but now they will only need to do that to access all their web based applications you have configured for them.

Once a user logs into the SSO portal they will see all the apps that you have configured for them. To access any of these they simply click on the icon.

In this case, if I click on the Evernote icon I just configured a new tab in my browser will automatically open and I will be automatically logged into the application using the credential entered at the configuration stage.

So that’s the basics of what’s included for free with Office 365, Azure and the single sign in portal. Is there more that you can do? Sure is, but that will have to wait for an upcoming blog post.